????讓我試著以問(wèn)答的形式解釋此事。 ????問(wèn):互聯(lián)網(wǎng)上存在Mac OS X的病毒嗎? ????從技術(shù)上講并不存在。就我目前所知,人們并未在互聯(lián)網(wǎng)上發(fā)現(xiàn)針對(duì)Mac OS X的病毒。但你必須知道,互聯(lián)網(wǎng)上仍有不少針對(duì)Mac系統(tǒng)的惡意軟件。 ????問(wèn):比方說(shuō)什么? ????目前最引人關(guān)注的是一款名叫“MAC防御者”( MAC Defender)的假冒殺毒軟件,運(yùn)行Safari瀏覽器的Mac OS X用戶可能會(huì)碰到它。 ????問(wèn): “MAC防御者”會(huì)造成哪些危害? ????本周一,計(jì)算機(jī)安全網(wǎng)站Intego發(fā)布的一份備忘錄指出, 1)“MAC防御者”會(huì)運(yùn)行一個(gè)假的帶有病毒掃描動(dòng)畫(huà)的窗口,并提示你的電腦中毒了;2) 然后它會(huì)運(yùn)行一個(gè)真正的Mac安裝程序,并要求你輸入管理員密碼;3)一旦安裝程序,你的電腦就會(huì)表現(xiàn)得像真正中了病毒,會(huì)不停打開(kāi)大堆令人生厭的網(wǎng)站,其它方面表現(xiàn)也會(huì)不正常;4)“MAC防御者”會(huì)向你提供1年、2年和終生防毒三個(gè)選項(xiàng);5)如果你選擇購(gòu)買(mǎi),它就會(huì)盜走你的信用卡賬號(hào)。 ????問(wèn):萬(wàn)眾期待的Mac大災(zāi)難到來(lái)了? ????并非如此,不過(guò)一些人已經(jīng)開(kāi)始銷(xiāo)售一種1000美元的惡意軟件工具包,這可能會(huì)掀起新一輪針對(duì)蘋(píng)果(Apple)電腦的惡意軟件進(jìn)攻大潮。 ????問(wèn):什么是惡意軟件工具包? ????這是一種一鍵生成式軟件,很多有組織的網(wǎng)絡(luò)犯罪團(tuán)伙一直在使用它制造針對(duì)微軟(Microsoft)Windows系統(tǒng)的惡意軟件。通過(guò)這種傻瓜工具,一個(gè)略懂編程技術(shù)的罪犯就能入侵上百萬(wàn)臺(tái)電腦。 |
????Let's see if we can handle this one as a Q&A. ????Q: Is there a Mac OS X virus loose on the Internet? ????Technically, no. As far as I know, no Mac OS X virus has ever been detected in the wild. But there are other kinds of Mac malware out there that you should know about. ????Q: Like what? ????The immediate concern, ironically, is a bogus antivirus program called "MAC Defender" that targets Mac OS X users running Safari. ????Q: What does MAC Defender do? ????According to a memo released Monday by the computer security site Intego: 1) It runs a fake Windows virus scan animation and announces that your computer is infected. 2) It runs a real Mac installation program and asks for your administrator password. 3) Once installed, it makes your computer act like it really is infected, opening offensive websites and generally misbehaving. 4) It offers you 1-year, 2-year or lifetime protection. 5) If you buy the protection, it steals your credit card number. ????Q: Is this the start of the long-awaited Macpocalypse? ????No, but someone has started selling a $1,000 crimekit that could produce a new wave of malware targeting Apple (AAPL) computers. ????Q: What's a malware crimekit? ????It's a fill-in-the-blanks program of the kind organized cybercrime gangs have been using for years to generate Microsoft (MSFT) Windows malware. With a do-it-yourself toolkit, a criminal with limited programming skills can infect millions of computers. |
????問(wèn):這種新的Mac惡意軟件工具包是什么樣?它會(huì)造成哪些危害? ????本周一,丹麥安全公司CSIS發(fā)布警告稱(chēng),這是一種名為“Weyland-Yutani BOT”的Windows程序,能夠在Mac平臺(tái)的Firefox瀏覽器上進(jìn)行“網(wǎng)頁(yè)注入”和“表格竊取”。(據(jù)稱(chēng)Safari和Chrome版本正在開(kāi)發(fā)中,而Linux和iPad平臺(tái)的開(kāi)發(fā)也正在進(jìn)行。)網(wǎng)頁(yè)注入能在被信任的網(wǎng)站上添加新的腳本語(yǔ)言,而表格竊取能盜竊毫無(wú)戒心的用戶輸入的密碼和信用卡賬號(hào)。 ????問(wèn):那這意味著現(xiàn)在Mac同Windows PC一樣危險(xiǎn)了? ????絕不是。去年秋天,Sophos實(shí)驗(yàn)室的計(jì)算機(jī)安全團(tuán)隊(duì)報(bào)告稱(chēng),他們每周能發(fā)現(xiàn)一到兩次針對(duì)Mac的攻擊,與之相比,每天有成千上萬(wàn)起針對(duì)Windows PC的攻擊。更何況,這兩款最新的Mac惡意軟件并沒(méi)有什么大不了的。Intego將“MAC防御者”的危險(xiǎn)程度定義為“極低”,而CSIS表示,目前還沒(méi)有發(fā)現(xiàn)Weyland-Yutani BOT帶來(lái)的威脅。 ????問(wèn):Mac用戶需要安裝殺毒軟件嗎? ????這就看你(或是你的IT管理員)怎么選擇了。這種情況可能會(huì)改變,但就目前來(lái)看,我認(rèn)為沒(méi)必要安裝,因?yàn)樗麄兛赡芊炊鴰?lái)很多麻煩——看看“MAC防御者”這樣的程序能夠造成多大的危害你就知道了。 |
????Q: What's this new Mac crimekit, and what does it do? ????According to an alert published Monday by the Danish security firm CSIS, it's a Windows program called "Weyland-Yutani BOT" that supports "Web injects" and "form grabbing" on Firefox for the Mac. (Safari and Chrome reportedly in the works, as well as Linux and iPad versions.) Web injects can put new language into trusted websites and form grabbers can capture passwords and credit numbers entered by unsuspecting users. (Video of the toolkit in action below.) ????Q: So are Macs now as dangerous as Windows PCs? ????Not by a long shot. Last fall, the computer security team at Sophos Labs reported that they were seeing one or two attacks on Macs each week, compared with tens of thousands per day against Windows PCs. Moreover, the two newest Mac malware threats haven't really begun in earnest. Intego describes MAC Defender as "rare," and according to CSIS, Weyland-Yutani BOT is still flying under the radar. ????Q: Should Mac users install anti-virus software? ????That's your (or your IT administrator's) call. This could change, but I've found anti-virus programs for the Mac to be more trouble than they're worth -- witness the havoc a program like MAC Defender can cause. |
????問(wèn):Mac用戶還能采取哪些保護(hù)措施? ????不要下載程序,除非它們來(lái)自可信任網(wǎng)站,例如蘋(píng)果應(yīng)用程序商店。除非你完全信任某個(gè)網(wǎng)站,否則不要按照其要求輸入你的計(jì)算機(jī)密碼、社會(huì)保障號(hào)碼或是信用卡信息。還有一個(gè)預(yù)防措施,那就是不要在Safari的“選項(xiàng)/一般設(shè)置”里勾選“下載后打開(kāi)‘安全’文件”。 ????譯者:項(xiàng)航 |
????Q: What else can Mac users do to protect themselves? ????Don't download programs unless they come from trusted sources, like an Apple App Store. Unless you have absolute confidence in the site that is asking for it, never give up your computer password, your social security number or your credit card information. And as an extra precaution, uncheck "Open 'safe' files after downloading" in Safari Preferences/General. |
相關(guān)稿件
最新文章